>9. Privoxy Copyright, License and History</A
></H1
><P
-> Copyright © 2001 - 2007 by Privoxy Developers <CODE
+> Copyright © 2001-2007 by Privoxy Developers <CODE
CLASS="EMAIL"
><<A
HREF="mailto:ijbswa-developers@lists.sourceforge.net"
><TD
><PRE
CLASS="PROGRAMLISTING"
-> debchange -v 3.0.7-beta-1 "New upstream version"</PRE
+> debchange -v 3.0.7-stable-1 "New upstream version"</PRE
></TD
></TR
></TABLE
> This will create
<TT
CLASS="FILENAME"
->../privoxy_3.0.7-beta-1_i386.deb</TT
+>../privoxy_3.0.7-stable-1_i386.deb</TT
>
which can be uploaded. To upload the package to Sourceforge, simply
issue
><P
></P
>
-
<P
></P
><TABLE
><H3
CLASS="SECT2"
><A
-NAME="AEN335"
+NAME="AEN341"
>3.1. What exactly is an <SPAN
CLASS="QUOTE"
>"actions"</SPAN
><H3
CLASS="SECT2"
><A
-NAME="AEN358"
+NAME="AEN364"
>3.3. How are actions files configured? What is the easiest
way to do this?</A
></H3
><H3
CLASS="SECT2"
><A
-NAME="AEN367"
+NAME="AEN373"
>3.4. There are several different <SPAN
CLASS="QUOTE"
>"actions"</SPAN
CLASS="QUOTE"
>"improved"</SPAN
> versions and it is
- therefore strongly recommended to use the newer configuration files.
+ therefore strongly recommended to install the newer configuration files
+ and merge back your modifications.
</P
></DIV
><DIV
CLASS="APPLICATION"
>Privoxy</SPAN
> for multiple untrusted users (e.g. in
- a LAN), you will probably want to make sure that the the web-based
- editor and remote toggle features are <SPAN
+ a LAN) or aren't entirely in control of your own browser, you will probably want
+ to make sure that the the web-based editor and remote toggle features are
+ <SPAN
CLASS="QUOTE"
>"off"</SPAN
> by setting <SPAN
>.
</P
><P
-> Note that in the default configuration, only local users (i.e. those on
- <SPAN
-CLASS="QUOTE"
->"localhost"</SPAN
->) can connect to <SPAN
+> As of <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
->,
- so this is (normally) not a security problem.
+> 3.0.7 these options are disabled by default.
</P
></DIV
><DIV
><H3
CLASS="SECT2"
><A
-NAME="AEN465"
+NAME="AEN470"
>3.11. What is the <TT
CLASS="FILENAME"
>default.filter</TT
CLASS="EMPHASIS"
>filters</I
></SPAN
-> as supplied by the developers are defined.
+> as supplied by the developers are defined.
Filters are a special subset of actions that can be used to modify or
- remove, web page content on the fly. Filters apply to <SPAN
+ remove web page content or headers on the fly. Content filters can
+ be applied to <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>anything</I
></SPAN
->
- in the page source (and optionally both client and server headers), including
- HTML tags, and JavaScript. Regular expressions are used to accomplish this.
- There are a number of pre-defined filters to deal with common annoyances. The
+> in the page source,
+ header filters can be applied to either server or client headers.
+ Regular expressions are used to accomplish this.</P
+><P
+> There are a number of pre-defined filters to deal with common annoyances. The
filters are only defined here, to invoke them, you need to use the
<A
HREF="../user-manual/actions-file.html#FILTER"
>filter</TT
>
action</A
-> in one of the actions files. Filtering is automatically
- disabled for inappropriate MIME types. Filters should
+> in one of the actions files. Content filtering is automatically
+ disabled for inappropriate MIME types, but if you now better than Privoxy
+ what should or should not be filtered you can filter any content you like.</P
+><P
+> Filters should
<SPAN
CLASS="emphasis"
><I
HREF="http://config.privoxy.org/show-status"
TARGET="_top"
>web-based actions file editor</A
->
- Note
- that the custom actions editor must be explicitly enabled in the main config file
- (see <A
+>.
+ Note that the custom actions editor must be explicitly enabled in
+ the main config file (see <A
HREF="../user-manual/config.html#ENABLE-EDIT-ACTIONS"
TARGET="_top"
>enable-edit-actions</A
->). </P
+>).</P
+><P
+> If you intend to develop your own filters, you might want to have a look at
+ <A
+HREF="http://www.fabiankeil.de/sourcecode/pft/"
+TARGET="_top"
+>Privoxy-Filter-Test</A
+>.</P
></DIV
><DIV
CLASS="SECT2"
><H3
CLASS="SECT2"
><A
-NAME="AEN512"
+NAME="AEN521"
>3.13. Instead of ads, now I get a checkerboard pattern. I don't want to see anything.</A
></H3
><P
><H3
CLASS="SECT2"
><A
-NAME="AEN529"
+NAME="AEN538"
>3.14. Why would anybody want to see a checkerboard pattern?</A
></H3
><P
><H3
CLASS="SECT2"
><A
-NAME="AEN535"
+NAME="AEN544"
>3.15. I see some images being replaced with text
instead of the checkerboard image. Why and how do I get rid of this?</A
></H3
CLASS="LITERAL"
>Host</TT
> header is required by HTTP/1.1 and as most
- web sites don't work if it isn't set, this limitation shouldn't be a
- problem.</P
+ web sites rely on it anyway, this limitation shouldn't be a problem.</P
><P
> Please refer to your packet filter's documentation to learn how to
intercept and redirect traffic into <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
->. Afterward you just have
- to configure <SPAN
+>.
+ Afterward you just have to configure <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
> to
<A
HREF="../user-manual/config.html#ACCEPT-INTERCEPTED-REQUESTS"
TARGET="_top"
->accept intercepted requests</A
+>accept
+ intercepted requests</A
>.</P
></DIV
><DIV
> This allows access to only those three sites by first blocking all URLs, and
then subsequently allowing three specific exceptions.</P
><P
-> A more interesting approach is <SPAN
+> Another approach is <SPAN
CLASS="APPLICATION"
>Privoxy's</SPAN
>
>. See the <A
HREF="../user-manual/config.html#TRUSTFILE"
TARGET="_top"
->User Manual Trust</A
+>Trust documentation</A
>
- documentation.</P
+ for details.</P
><P
> These are fairly simple approaches and are not completely foolproof. There
are various other configuration options that should be disabled (described
>the User Manual</A
>)
so that users can't modify their own configuration and easily circumvent the
- whitelist. </P
+ whitelist.</P
></DIV
><DIV
CLASS="SECT2"
CLASS="FILENAME"
>templates</TT
>. Knowing something about HTML syntax
- will of course be helpful. Be forewarned that the default templates are
- subject to being overwritten during upgrades. You can, however, create
- completely new templates by specifying an alternate path for them in the main
+ will of course be helpful.</P
+><P
+> Be forewarned that the default templates are subject to being overwritten
+ during upgrades. You can, however, create completely new templates,
+ place them in another directory and specify the alternate path in the main
<TT
CLASS="FILENAME"
>config</TT
->, see the <A
+>. For details, have a look at the <A
HREF="../user-manual/config.html#templdir"
TARGET="_top"
>templdir</A
> page?</A
></H3
><P
-> There is more than one way to do it.</P
+> There is more than one way to do it (although Perl is not involved).</P
><P
> Editing the BLOCKED template page (see above) may dissuade some users, but
this method is easily circumvented. Where you need this level of control, you
- should build <SPAN
+ might want to build <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> from source, and enable various features that are
+> from source, and disable various features that are
available as compile-time options. You should
<B
CLASS="COMMAND"
> does not allow easy bypassing of blocked sites, or changing the
current configuration via any connected user's web browser.</P
><P
-> Note that all of these features can also be toggled on/off via options in
+> Finally, all of these features can also be toggled on/off via options in
<SPAN
CLASS="APPLICATION"
>Privoxy's</SPAN
>7. Privoxy Copyright, License and History</A
></H1
><P
-> Copyright © 2001 - 2007 by Privoxy Developers <CODE
+> Copyright © 2001-2007 by Privoxy Developers <CODE
CLASS="EMAIL"
><<A
HREF="mailto:ijbswa-developers@lists.sourceforge.net"
><H2
CLASS="SECT2"
><A
-NAME="AEN1377"
+NAME="AEN1389"
>7.1. License</A
></H2
><P
><H2
CLASS="SECT2"
><A
-NAME="AEN1393"
+NAME="AEN1405"
>7.2. History</A
></H2
><P
CLASS="SECT2"
><A
NAME="WHO-USES"
->1.1. Who should use Privoxy?</A
+>1.1. Who should give <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> a try?</A
></H3
><P
-> Anyone that is interested in security, privacy, or in
+> Anyone who is interested in security, privacy, or in
finer-grained control over their web and Internet experience.
- Everyone is encouraged to try <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->.
</P
></DIV
><DIV
CLASS="APPLICATION"
>Privoxy</SPAN
> is certainly a good choice, especially for those who want more
- control and security. Those that have the ability to fine-tune their installation
- will benefit the most. One of <SPAN
+ control and security. Those with the willingness to read the documentation
+ and the ability to fine-tune their installation will benefit the most.
+ </P
+><P
+> One of <SPAN
CLASS="APPLICATION"
>Privoxy's</SPAN
>
- strength's is that it is highly configurable giving you the ability to
+ strengths is that it is highly configurable giving you the ability to
completely personalize your installation. Being familiar with, or at least
having an interest in learning about <A
HREF="http://en.wikipedia.org/wiki/Http"
HREF="http://en.wikipedia.org/wiki/Html"
TARGET="_top"
>HTML</A
->,
- <A
-HREF="http://en.wikipedia.org/wiki/Internet_Protocol"
-TARGET="_top"
->IP (Internet
- Protocol)</A
>, and
<A
HREF="http://en.wikipedia.org/wiki/Regular_expressions"
TARGET="_top"
>text editor</A
>
- to edit configuration files.
+ to edit configuration files. Also note that the web-based action editor
+ doesn't use authentication and should only be enabled in environments
+ where all clients with access to <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> listening port can be trusted.
</P
></DIV
><DIV
><H3
CLASS="SECT2"
><A
-NAME="AEN78"
+NAME="AEN79"
>1.6. Why <SPAN
CLASS="QUOTE"
>"Privoxy"</SPAN
TARGET="_top"
>cookies</A
>, and still
- helps protect your privacy. But, these have all been greatly enhanced, and many,
- many new features have been added, all in the same vein.
+ helps protect your privacy. But, most of these features have been enhanced,
+ and many new ones have been added, all in the same vein.
</P
><P
> <SPAN
><H3
CLASS="SECT2"
><A
-NAME="AEN150"
+NAME="AEN151"
>1.9. Can Privoxy make mistakes?
This does not sound very scientific.</A
></H3
><H3
CLASS="SECT2"
><A
-NAME="AEN156"
+NAME="AEN157"
>1.10. Will I have to configure Privoxy
before I can use it?</A
></H3
><P
-> No, not really. The default installation should give you a good starting
+> That depends on your expectations.
+ The default installation should give you a good starting
point, and block <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>most</I
></SPAN
-> ads and unwanted content. Many of
- the more advanced features are off by default, and would require you to
- activate them. </P
+> ads and unwanted content,
+ but many of the more advanced features are off by default, and require
+ you to activate them. </P
><P
> You do have to set up your browser to use
<SPAN
CLASS="APPLICATION"
>Privoxy's</SPAN
>
- configuration to more closely match your individual situation. And we would
+ configuration to more closely match your individual situation. And we
encourage you to do this. This is where the real power of
<SPAN
CLASS="APPLICATION"
adequate for you. But <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> is much more
- versatile and powerful, and can do a number of things that browsers just can't.
+> is very
+ versatile and powerful, and can probably do a number of things
+ your browser just can't.
</P
><P
> In addition, a proxy is good choice if you use multiple browsers, or
have to maintain a similar configuration for possibly many browsers or
users.
</P
+><P
+> Note, however, that it's recommended to leverage both your browser's
+ and <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> privacy enhancing features
+ at the same time. While your browser probably lacks some features
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> offers, it should also be able to do some things more
+ reliable, for example restricting and suppressing JavaScript.
+ </P
></DIV
><DIV
CLASS="SECT2"
> <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> is licensed under the <A
+> is free software and licensed under the <A
HREF="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html"
TARGET="_top"
>GNU General Public License (GPL) version 2</A
></SPAN
> of any kind, expressed, implied or otherwise.
That is something that would cost real money ;-) There is no registration either.
- <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
-> really is <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->free</I
-></SPAN
->
- in every respect!
</P
></DIV
><DIV
>Privoxy</SPAN
> could help prevent contact from (known) sites that use such
tactics with appropriate configuration rules, and thus could conceivably
- prevent contamination from such sites.</P
+ prevent contamination from such sites. However, keeping such a configuration
+ up to date would require a lot of time and effort that would be better spend
+ on keeping your software itself up to date so it doesn't have known
+ vulnerabilities.</P
></DIV
><DIV
CLASS="SECT2"
>Privoxy</SPAN
> in conjunction with other
ad-blocking products, and this could conceivably cause undesirable results.
- It would be better to choose one software or the other and work a little to
+ It might be better to choose one software or the other and work a little to
tweak its configuration to your liking.</P
+><P
+> Note that this is an advice specific to ad blocking.</P
></DIV
><DIV
CLASS="SECT2"
>Developer's Manual</A
>, at least
the pertinent sections.</P
+><P
+> You can also start helping out without SourceForge.net account,
+ simply by showing up on the mailing list, helping out other users,
+ providing general feedback or reporting problems you noticed.
+ </P
></DIV
><DIV
CLASS="SECT3"
HREF="mailto: ijbswa-developers@lists.sourceforge.net"
TARGET="_top"
>drop us a note</A
->.</P
+>
+ and get your name on the list of contributors.</P
></DIV
><DIV
CLASS="SECT3"
><BR></P
><P
CLASS="PUBDATE"
->$Id: faq.sgml,v 2.34 2007/11/19 02:38:11 hal9 Exp $<BR></P
+>$Id: faq.sgml,v 2.35 2007/11/19 17:57:59 fabiankeil Exp $<BR></P
><DIV
><DIV
CLASS="ABSTRACT"
><DT
>1.1. <A
HREF="general.html#WHO-USES"
->Who should use Privoxy?</A
+>Who should give <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> a try?</A
></DT
><DT
>1.2. <A
></DT
><DT
>1.6. <A
-HREF="general.html#AEN78"
+HREF="general.html#AEN79"
>Why <SPAN
CLASS="QUOTE"
>"Privoxy"</SPAN
></DT
><DT
>1.9. <A
-HREF="general.html#AEN150"
+HREF="general.html#AEN151"
>Can Privoxy make mistakes?
This does not sound very scientific.</A
></DT
><DT
>1.10. <A
-HREF="general.html#AEN156"
+HREF="general.html#AEN157"
>Will I have to configure Privoxy
before I can use it?</A
></DT
><DL
><DT
>3.1. <A
-HREF="configuration.html#AEN335"
+HREF="configuration.html#AEN341"
>What exactly is an <SPAN
CLASS="QUOTE"
>"actions"</SPAN
></DT
><DT
>3.3. <A
-HREF="configuration.html#AEN358"
+HREF="configuration.html#AEN364"
>How are actions files configured? What is the easiest
way to do this?</A
></DT
><DT
>3.4. <A
-HREF="configuration.html#AEN367"
+HREF="configuration.html#AEN373"
>There are several different <SPAN
CLASS="QUOTE"
>"actions"</SPAN
></DT
><DT
>3.11. <A
-HREF="configuration.html#AEN465"
+HREF="configuration.html#AEN470"
>What is the <TT
CLASS="FILENAME"
>default.filter</TT
></DT
><DT
>3.13. <A
-HREF="configuration.html#AEN512"
+HREF="configuration.html#AEN521"
>Instead of ads, now I get a checkerboard pattern. I don't want to see anything.</A
></DT
><DT
>3.14. <A
-HREF="configuration.html#AEN529"
+HREF="configuration.html#AEN538"
>Why would anybody want to see a checkerboard pattern?</A
></DT
><DT
>3.15. <A
-HREF="configuration.html#AEN535"
+HREF="configuration.html#AEN544"
>I see some images being replaced with text
instead of the checkerboard image. Why and how do I get rid of this?</A
></DT
><DL
><DT
>4.1. <A
-HREF="misc.html#AEN707"
+HREF="misc.html#AEN717"
>How much does Privoxy slow my browsing down? This
has to add extra time to browsing.</A
></DT
></DT
><DT
>4.8. <A
-HREF="misc.html#AEN773"
+HREF="misc.html#AEN782"
>Can Privoxy guarantee I am anonymous?</A
></DT
><DT
>4.9. <A
-HREF="misc.html#AEN791"
+HREF="misc.html#AEN800"
>A test site says I am not using a Proxy.</A
></DT
><DT
></DT
><DT
>4.11. <A
-HREF="misc.html#AEN847"
+HREF="misc.html#AEN856"
>Might some things break because header information or
content is being altered?</A
></DT
><DT
>4.12. <A
-HREF="misc.html#AEN861"
+HREF="misc.html#AEN870"
>Can Privoxy act as a <SPAN
CLASS="QUOTE"
>"caching"</SPAN
></DT
><DT
>4.13. <A
-HREF="misc.html#AEN871"
+HREF="misc.html#AEN880"
>What about as a firewall? Can Privoxy protect me?</A
></DT
><DT
>4.14. <A
-HREF="misc.html#AEN876"
+HREF="misc.html#AEN885"
>I have large empty spaces / a checkerboard pattern now where
ads used to be. Why?</A
></DT
><DT
>4.15. <A
-HREF="misc.html#AEN884"
+HREF="misc.html#AEN893"
>How can Privoxy filter Secure (HTTPS) URLs?</A
></DT
><DT
>4.16. <A
-HREF="misc.html#AEN898"
+HREF="misc.html#AEN907"
>Privoxy runs as a <SPAN
CLASS="QUOTE"
>"server"</SPAN
><DT
>4.17. <A
HREF="misc.html#TURNOFF"
->How can I temporarily disable Privoxy?</A
+>Can I temporarily disable Privoxy?</A
></DT
><DT
>4.18. <A
><DL
><DT
>5.1. <A
-HREF="trouble.html#AEN1064"
+HREF="trouble.html#AEN1075"
>I cannot connect to any websites. Or, I am getting
<SPAN
CLASS="QUOTE"
></DT
><DT
>5.3. <A
-HREF="trouble.html#AEN1087"
+HREF="trouble.html#AEN1098"
>I just added a new rule, but the steenkin ad is
still getting through. How?</A
></DT
><DL
><DT
>7.1. <A
-HREF="copyright.html#AEN1377"
+HREF="copyright.html#AEN1389"
>License</A
></DT
><DT
>7.2. <A
-HREF="copyright.html#AEN1393"
+HREF="copyright.html#AEN1405"
>History</A
></DT
></DL
special I have to do now?</A
></H3
><P
-> All browsers must be told to use <SPAN
+> All browsers should be told to use <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
>
as a proxy by specifying the correct proxy address and port number
- in the appropriate configuration area for the browser. See
+ in the appropriate configuration area for the browser. It's possible
+ to combine <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with a packet filter to intercept HTTP requests
+ even if the client isn't explicitly configured to use <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>,
+ but where possible, configuring the client is recommended. See
<A
HREF="../user-manual/startup.html"
TARGET="_top"
>the User Manual for more
details</A
->. You should also flush your browser's memory and disk cache to get rid of any
- cached junk items, and remove any stored
+>. You should also flush your browser's memory and disk
+ cache to get rid of any cached junk items, and remove any stored
<A
HREF="http://en.wikipedia.org/wiki/Browser_cookie"
TARGET="_top"
>"localhost"</SPAN
>,
which is the special name used by every computer on the Internet to refer
- to itself) and the port will be 8118 (unless you have <SPAN
-CLASS="APPLICATION"
->Privoxy</SPAN
->
- to run on a different port with the <A
+ to itself) and the port will be 8118 (unless you used the <A
HREF="../user-manual/config.html#LISTEN-ADDRESS"
TARGET="_top"
>listen-address</A
-> config option).
+>
+ config option to tell <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to run on
+ a different port).
</P
><P
> When configuring your browser's proxy settings you typically enter
CLASS="APPLICATION"
>Privoxy</SPAN
> does not currently handle
- any other protocols such as FTP, SMTP, IM, IRC, ICQ, etc. Be sure that
- proxying any of these other protocols is not activated.
+ any other protocols such as FTP, SMTP, IM, IRC, ICQ, etc.
</P
></DIV
><DIV
>Clear Disk Cache</SPAN
>"</SPAN
>.
- And, <SPAN
+ In some <SPAN
CLASS="APPLICATION"
>Firefox</SPAN
-> users would click
+> versions it's
<SPAN
CLASS="GUIBUTTON"
>Tools</SPAN
CLASS="GUIBUTTON"
>Clear Cache Now</SPAN
>"</SPAN
->. </P
+>.
+ </P
></DIV
></DIV
><DIV
><H3
CLASS="SECT2"
><A
-NAME="AEN707"
+NAME="AEN717"
>4.1. How much does Privoxy slow my browsing down? This
has to add extra time to browsing.</A
></H3
></TT
>
actions may cause a perceived slowdown, since the entire document
- needs to be buffered before displaying. And on very large documents, filtering may have
- some measurable impact. How much depends on the page size, the actual
- definition of the filter(s), etc. See below. Most other actions have little
- to no impact on speed.</P
+ needs to be buffered before displaying. And on very large documents,
+ filtering may have some measurable impact. How much depends on the page size,
+ the actual definition of the filter(s), etc. See below. Most other actions
+ have little to no impact on speed.</P
><P
> Also, when filtering is enabled but zlib support isn't available, compression
is often disabled (see <A
TARGET="_top"
>prevent-compression</A
>).
- This can have an impact on speed as well. Again, the page size, etc. will
- determine how much of an impact.</P
+ This can have an impact on speed as well, although it's probably smaller than
+ you might think. Again, the page size, etc. will determine how much of an impact.</P
></DIV
><DIV
CLASS="SECT2"
you can't even rule out that some of them only exist to *collect* information
on (those suspicious) people with a more than average preference for privacy.</P
><P
-> Your best bet is to chain <SPAN
+> If you want to hide your IP address from most adversaries,
+ you should consider chaining <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
>
HREF="http://tor.eff.org/"
TARGET="_top"
>Tor</A
->,
- an <A
-HREF="http://www.eff.org/"
-TARGET="_top"
->EFF</A
-> supported onion routing system.
+>.
The configuration details can be found in
<A
HREF="#TOR"
><H3
CLASS="SECT2"
><A
-NAME="AEN773"
+NAME="AEN782"
>4.8. Can Privoxy guarantee I am anonymous?</A
></H3
><P
-> No. Your chances of remaining anonymous are greatly improved, but unless you
+> No. Your chances of remaining anonymous are improved, but unless you
<A
HREF="#TOR"
TARGET="_top"
>Tor</SPAN
></A
>
- or a similar system and know what you're doing when it comes to configuring
- the rest of your system, it would be safest to assume that everything you do
+ or a similar proxy and know what you're doing when it comes to configuring
+ the rest of your system, you should assume that everything you do
on the Web can be traced back to you.</P
><P
> <SPAN
><H3
CLASS="SECT2"
><A
-NAME="AEN791"
+NAME="AEN800"
>4.9. A test site says I am not using a Proxy.</A
></H3
><P
CLASS="APPLICATION"
>Tor</SPAN
> does, why it is no replacement for
- application level security, and why you shouldn't use it for unencrypted logins.</P
+ application level security, and why you probably don't want to
+ use it for unencrypted logins.</P
></DIV
><DIV
CLASS="SECT2"
><H3
CLASS="SECT2"
><A
-NAME="AEN847"
+NAME="AEN856"
>4.11. Might some things break because header information or
content is being altered?</A
></H3
> is sometimes used in this way to identify
the browser, and adjust content accordingly.</P
><P
-> Also, different browsers use different encodings of Russian and Czech
+> Also, different browsers use different encodings of non-English
characters, certain web servers convert pages on-the-fly according to the
User Agent header. Giving a <SPAN
CLASS="QUOTE"
>"Referer"</SPAN
> or cookie is provided, is another example. (But you
can forge both headers without giving information away). There are
- many other ways things that can go wrong when trying to fool a web server. The
+ many other ways things can go wrong when trying to fool a web server. The
results of which could inadvertently cause pages to load incorrectly,
partially, or even not at all. And there may be no obvious clues as to just
what went wrong, or why. Nowhere will there be a message that says
><H3
CLASS="SECT2"
><A
-NAME="AEN861"
+NAME="AEN870"
>4.12. Can Privoxy act as a <SPAN
CLASS="QUOTE"
>"caching"</SPAN
><H3
CLASS="SECT2"
><A
-NAME="AEN871"
+NAME="AEN880"
>4.13. What about as a firewall? Can Privoxy protect me?</A
></H3
><P
><H3
CLASS="SECT2"
><A
-NAME="AEN876"
+NAME="AEN885"
>4.14. I have large empty spaces / a checkerboard pattern now where
ads used to be. Why?</A
></H3
><H3
CLASS="SECT2"
><A
-NAME="AEN884"
+NAME="AEN893"
>4.15. How can Privoxy filter Secure (HTTPS) URLs?</A
></H3
><P
><H3
CLASS="SECT2"
><A
-NAME="AEN898"
+NAME="AEN907"
>4.16. Privoxy runs as a <SPAN
CLASS="QUOTE"
>"server"</SPAN
CLASS="SECT2"
><A
NAME="TURNOFF"
->4.17. How can I temporarily disable Privoxy?</A
+>4.17. Can I temporarily disable Privoxy?</A
></H3
><P
-> The easiest way is to access <SPAN
+> <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> with your
- browser by using the remote toggle URL: <A
+> doesn't have a transparent proxy mode,
+ but you can toggle off blocking and content filtering.</P
+><P
+> The easiest way to do that is to point your browser
+ to the remote toggle URL: <A
HREF="http://config.privoxy.org/toggle"
TARGET="_top"
>http://config.privoxy.org/toggle</A
->.
- See the <A
+>.</P
+><P
+> See the <A
HREF="../user-manual/appendix.html#BOOKMARKLETS"
TARGET="_top"
>Bookmarklets section</A
<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> is still acting as a proxy, but just not
- doing any of the things that <SPAN
+> is still acting as a proxy, but just
+ doing less of the things that <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
> would
CLASS="QUOTE"
>"Adventuresome"</SPAN
> profile in the
- web-based editor. Please upgrade!</P
+ web-based editor. Please upgrade.</P
></DIV
><DIV
CLASS="SECT2"
><H3
CLASS="SECT2"
><A
-NAME="AEN1064"
+NAME="AEN1075"
>5.1. I cannot connect to any websites. Or, I am getting
<SPAN
CLASS="QUOTE"
><H3
CLASS="SECT2"
><A
-NAME="AEN1087"
+NAME="AEN1098"
>5.3. I just added a new rule, but the steenkin ad is
still getting through. How?</A
></H3
adding <SPAN
CLASS="QUOTE"
>"www."</SPAN
-> to the URL). In other cases, if
- <SPAN
+> to the URL).</P
+><P
+> In other cases, if <SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> is being chained with another proxy, this
- could complicate the issue, and cause undue
+> is being chained
+ with another proxy, this could complicate the issue, and cause undue
delays and timeouts. In the case of a <SPAN
CLASS="QUOTE"
>"socks4a"</SPAN
> which is reporting whatever problem occurred
downstream, and not the root cause of the error.</P
><P
-> In any case, newer versions include various improvements to help
+> In any case, versions newer than 3.0.3 include various improvements to help
<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Privoxy - The Privacy Enhancing Proxy</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
-"><META
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><META
NAME="KEYWORD"
CONTENT="privoxy"><META
NAME="KEYWORD"
CLASS="TITLE"
><A
NAME="AEN2"
-></A
->Privoxy - The Privacy Enhancing Proxy</H1
+>Privoxy - The Privacy Enhancing Proxy</A
+></H1
><H2
CLASS="SUBTITLE"
->Project Index Page v3.0.6</H2
+>Project Index Page v3.0.7</H2
><DIV
><DIV
CLASS="ABSTRACT"
+><P
+></P
><A
NAME="AEN29"
></A
><P
-></P
-><P
-> Privoxy is a
+> Privoxy is a non-caching
<A
HREF="http://en.wikipedia.org/wiki/Proxy_server"
TARGET="_top"
>web proxy</A
>
- with advanced filtering capabilities for protecting
- privacy, modifying web page data, managing
+ with advanced filtering capabilities for enhancing privacy,
+ modifying web page data, managing HTTP
<A
HREF="http://en.wikipedia.org/wiki/Browser_cookie"
TARGET="_top"
>cookies</A
>,
controlling access, and removing ads, banners, pop-ups and other obnoxious
- Internet junk. Privoxy has a very flexible configuration and can be
+ Internet junk. Privoxy has a flexible configuration and can be
customized to suit individual needs and tastes. Privoxy has application for
both stand-alone systems and multi-user networks.</P
><P
CLASS="SECT1"
><A
NAME="DOWNLOAD"
-></A
->Download</H3
+>Download</A
+></H3
><P
> <P
></P
CLASS="SECT1"
><A
NAME="DOCS"
-></A
->Documentation</H3
+>Documentation</A
+></H3
><P
> <P
></P
CLASS="SECT1"
><A
NAME="MOREINFO"
-></A
->More information</H3
+>More information</A
+></H3
><P
> <P
></P
> <DIV
CLASS="TABLE"
><A
-NAME="AEN2171"
+NAME="AEN2167"
></A
><P
><B
><H2
CLASS="SECT2"
><A
-NAME="AEN2270"
+NAME="AEN2266"
>8.1. Finding the Right Mix</A
></H2
><P
><H2
CLASS="SECT2"
><A
-NAME="AEN2277"
+NAME="AEN2273"
>8.2. How to Edit</A
></H2
><P
><H3
CLASS="SECT3"
><A
-NAME="AEN2368"
+NAME="AEN2364"
>8.4.1. The Domain Pattern</A
></H3
><P
><H3
CLASS="SECT3"
><A
-NAME="AEN2439"
+NAME="AEN2435"
>8.4.2. The Path Pattern</A
></H3
><P
and use their output as input.
</P
><P
+> If the request URL gets changed, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will detect that and use the new
+ one. This can be used to rewrite the request destination behind the client's
+ back, for example to specify a Tor exit relay for certain requests.
+ </P
+><P
> Please refer to the <A
HREF="filter-file.html"
>filter file chapter</A
# This way you can continue to use Tor for your normal browsing,
# without overloading the Tor network with your FreeBSD ports updates
# or downloads of bigger files like ISOs.
+# Note that HTTP headers are easy to fake and therefore their
+# values are as (un)trustworthy as your clients and users.
{+forward-override{forward .} \
-hide-if-modified-since \
-overwrite-last-modified \
CLASS="QUOTE"
>"If-Modified-Since:"</SPAN
> makes
- sure it isn't used as a cookie replacement, but you will run into
- caching problems if the random range is too high.
+ it less likely that the server can use the time as a cookie replacement,
+ but you will run into caching problems if the random range is too high.
</P
><P
> It is a good idea to only use a small negative value and let
HREF="actions-file.html#CRUNCH-IF-NONE-MATCH"
>crunch-if-none-match</A
></TT
->.
+>,
+ otherwise it's more or less pointless.
</P
></DD
><DT
><TD
><PRE
CLASS="SCREEN"
-># Let the browser revalidate without being tracked across sessions
-{ +hide-if-modified-since{-60} \
+># Let the browser revalidate but make tracking based on the time less likely.
+{+hide-if-modified-since{-60} \
+overwrite-last-modified{randomize} \
+crunch-if-none-match}
/</PRE
>Typical use:</DT
><DD
><P
->Improve privacy by not embedding the source of the request in the HTTP headers.</P
+>Improve privacy by not forwarding the source of the request in the HTTP headers.</P
></DD
><DT
>Effect:</DT
> Deletes any existing <SPAN
CLASS="QUOTE"
>"X-Forwarded-for:"</SPAN
-> HTTP header from client requests,
- and prevents adding a new one.
+> HTTP header from client requests.
</P
></DD
><DT
>Notes:</DT
><DD
><P
-> It is safe to leave this on.
+> It is safe and recommended to leave this on.
</P
></DD
><DT
><P
><SPAN
CLASS="QUOTE"
+>"conditional-forge"</SPAN
+> to forge the header if the host has changed.</P
+></LI
+><LI
+><P
+><SPAN
+CLASS="QUOTE"
>"block"</SPAN
> to delete the header unconditionally.</P
></LI
><P
> Always blocking the referrer, or using a custom one, can lead to
failures on servers that check the referrer before they answer any
- requests, in an attempt to prevent their valuable content from being
+ requests, in an attempt to prevent their content from being
embedded or linked to elsewhere.
</P
><P
>Typical use:</DT
><DD
><P
->Conceal your type of browser and client operating system</P
+>Try to conceal your type of browser and client operating system</P
></DD
><DT
>Effect:</DT
></SPAN
> the right thing to do: good web sites
work browser-independently).
-
</P
></TD
></TR
>Typical use:</DT
><DD
><P
->To protect against the MS buffer over-run in JPEG processing</P
+>Try to protect against a MS buffer over-run in JPEG processing</P
></DD
><DT
>Effect:</DT
allow execution of code on the target system, giving an attacker access
to the system in question by merely planting an altered JPEG image, which
would have no obvious indications of what lurks inside. This action
- prevents this exploit.
+ tries to prevent this exploit if delivered through unencrypted HTTP.
</P
><P
-> Note that the described exploit is only one of many,
- using this action does not mean that you no longer
- have to patch the client.
+> Note that the exploit mentioned is several years old
+ and it's unlikely that your client is still vulnerable
+ against it. This action may be removed in one of the
+ next releases.
</P
></DD
><DT
> This action is most appropriate for browsers that don't have any controls
for unwanted pop-ups. Not recommended for general usage.
</P
+><P
+> This action doesn't work very reliable and may be removed in future releases.
+ </P
></DD
><DT
>Example usage:</DT
> URLs) through proxies. It works very simply:
the proxy connects to the server on the specified port, and then
short-circuits its connections to the client and to the remote server.
- This can be a big security hole, since CONNECT-enabled proxies can be
- abused as TCP relays very easily.
+ This means CONNECT-enabled proxies can be used as TCP relays very easily.
</P
><P
> <SPAN
><H3
CLASS="SECT3"
><A
-NAME="AEN4245"
+NAME="AEN4247"
>8.5.39. Summary</A
></H3
><P
><H3
CLASS="SECT3"
><A
-NAME="AEN4310"
+NAME="AEN4312"
>8.7.1. default.action</A
></H3
><P
><H3
CLASS="SECT3"
><A
-NAME="AEN4446"
+NAME="AEN4448"
>8.7.2. user.action</A
></H3
><P
><H2
CLASS="SECT2"
><A
-NAME="AEN5331"
+NAME="AEN5333"
>14.2. Privoxy's Internal Pages</A
></H2
><P
Privoxy main page:
</P
><A
-NAME="AEN5345"
+NAME="AEN5347"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
editing of actions files:
</P
><A
-NAME="AEN5353"
+NAME="AEN5355"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
Show the source code version numbers:
</P
><A
-NAME="AEN5358"
+NAME="AEN5360"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
Show the browser's request headers:
</P
><A
-NAME="AEN5363"
+NAME="AEN5365"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
Show which actions apply to a URL and why:
</P
><A
-NAME="AEN5368"
+NAME="AEN5370"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
place:
</P
><A
-NAME="AEN5376"
+NAME="AEN5378"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
> Short cuts. Turn off, then on:
</P
><A
-NAME="AEN5380"
+NAME="AEN5382"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
</P
></BLOCKQUOTE
><A
-NAME="AEN5383"
+NAME="AEN5385"
></A
><BLOCKQUOTE
CLASS="BLOCKQUOTE"
><H2
CLASS="SECT2"
><A
-NAME="AEN816"
+NAME="AEN814"
>6.1. Controlling Privoxy with Your Web Browser</A
></H2
><P
> <H2
CLASS="BRIDGEHEAD"
><A
-NAME="AEN824"
+NAME="AEN822"
></A
> Privoxy Menu</H2
><P
<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
-> executable. The name
- and number of configuration files has changed from previous versions, and is
- subject to change as development progresses.</P
+> executable. </P
><P
> The installed defaults provide a reasonable starting point, though
some settings may be aggressive by some standards. For the time being, the
>old</I
></SPAN
> listening address.</P
-><P
-> While under development, the configuration content is subject to change.
- The below documentation may not be accurate by the time you read this.
- Also, what constitutes a <SPAN
-CLASS="QUOTE"
->"default"</SPAN
-> setting, may change, so
- please check all your configuration files on important issues.</P
></DIV
></DIV
><DIV
>12. Privoxy Copyright, License and History</A
></H1
><P
-> Copyright © 2001 - 2007 by Privoxy Developers <CODE
+> Copyright © 2001-2007 by Privoxy Developers <CODE
CLASS="EMAIL"
><<A
HREF="mailto:ijbswa-developers@lists.sourceforge.net"
><H2
CLASS="SECT2"
><A
-NAME="AEN5074"
+NAME="AEN5076"
>12.1. License</A
></H2
><P
><H2
CLASS="SECT2"
><A
-NAME="AEN4601"
+NAME="AEN4603"
>9.1. Filter File Tutorial</A
></H2
><P
><BR></P
><P
CLASS="PUBDATE"
->$Id: user-manual.sgml,v 2.47 2007/11/18 14:59:47 fabiankeil Exp $<BR></P
+>$Id: user-manual.sgml,v 2.49 2007/12/06 18:21:55 fabiankeil Exp $<BR></P
><DIV
><DIV
CLASS="ABSTRACT"
><DL
><DT
>6.1. <A
-HREF="configuration.html#AEN816"
+HREF="configuration.html#AEN814"
>Controlling Privoxy with Your Web Browser</A
></DT
><DT
><DL
><DT
>8.1. <A
-HREF="actions-file.html#AEN2270"
+HREF="actions-file.html#AEN2266"
>Finding the Right Mix</A
></DT
><DT
>8.2. <A
-HREF="actions-file.html#AEN2277"
+HREF="actions-file.html#AEN2273"
>How to Edit</A
></DT
><DT
><DL
><DT
>8.4.1. <A
-HREF="actions-file.html#AEN2368"
+HREF="actions-file.html#AEN2364"
>The Domain Pattern</A
></DT
><DT
>8.4.2. <A
-HREF="actions-file.html#AEN2439"
+HREF="actions-file.html#AEN2435"
>The Path Pattern</A
></DT
><DT
></DT
><DT
>8.5.39. <A
-HREF="actions-file.html#AEN4245"
+HREF="actions-file.html#AEN4247"
>Summary</A
></DT
></DL
><DL
><DT
>8.7.1. <A
-HREF="actions-file.html#AEN4310"
+HREF="actions-file.html#AEN4312"
>default.action</A
></DT
><DT
>8.7.2. <A
-HREF="actions-file.html#AEN4446"
+HREF="actions-file.html#AEN4448"
>user.action</A
></DT
></DL
><DL
><DT
>9.1. <A
-HREF="filter-file.html#AEN4601"
+HREF="filter-file.html#AEN4603"
>Filter File Tutorial</A
></DT
><DT
><DL
><DT
>12.1. <A
-HREF="copyright.html#AEN5074"
+HREF="copyright.html#AEN5076"
>License</A
></DT
><DT
></DT
><DT
>14.2. <A
-HREF="appendix.html#AEN5331"
+HREF="appendix.html#AEN5333"
>Privoxy's Internal Pages</A
></DT
><DD
><TD
><PRE
CLASS="SCREEN"
-> tar xzvf privoxy-3.0.7-beta-src* [.tgz or .tar.gz]
- cd privoxy-3.0.7-beta</PRE
+> tar xzvf privoxy-3.0.7-src* [.tgz or .tar.gz]
+ cd privoxy-3.0.7</PRE
></TD
></TR
></TABLE
>1. Introduction</A
></H1
><P
-> This documentation is included with the current beta version of
+> This documentation is included with the current stable version of
<SPAN
CLASS="APPLICATION"
>Privoxy</SPAN
->, v.3.0.7,
- and is mostly complete at this point. The most up to date reference for the
- time being is still the comments in the source files and in the individual
- configuration files. Development of a new version is currently nearing
- completion, and includes significant changes and enhancements over
- earlier versions. .</P
-><P
-> Since this is a beta version, not all new features are well tested. This
- documentation may be slightly out of sync as a result (especially with
- CVS sources). And there <SPAN
-CLASS="emphasis"
-><I
-CLASS="EMPHASIS"
->may be</I
-></SPAN
-> bugs, though hopefully
- not many! </P
+>, v.3.0.7.</P
><DIV
CLASS="SECT2"
><H2
CLASS="APPLICATION"
>Privoxy</SPAN
> provides many supplemental
- features, some of them currently under development,
+ features,
that give the end-user more control, more privacy and more freedom:</P
><P
> <P
> <DIV
CLASS="FIGURE"
><A
-NAME="AEN569"
+NAME="AEN567"
></A
><P
><B
> <DIV
CLASS="FIGURE"
><A
-NAME="AEN624"
+NAME="AEN622"
></A
><P
><B
> <DIV
CLASS="FIGURE"
><A
-NAME="AEN668"
+NAME="AEN666"
></A
><P
><B